Adoptable Cookbooks List

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

common_auth cookbook

A cookbook which will create users, group, sudoers and configure openssh with the design to be based on group policies.

Requiremetns

Chef 12.7.0 or later.

Platform

Ubuntu

Attributes / Data Bags

The goal of this cookbook is to manage authentication related resources through a mixture of node attributes and data_bag_item, with node attributes taking precedence over the contents of a data_bag_item.

common_auth.groups

This namespace contains directives which will manage groups on a system as well as optionally populate a list of users to manage.

common_auth.groups.config

A hash containing attribute level overrides for the data_bag_item contents. These can be useful when you wish to provide overrides from a Cookbook, PolicyFile, Role or Environment.

{
"config": {
"group1": {
"action": "delete"
}
}
}

common_auth.groups.managed

A hash containing a list of groups which should be managed on this machine. Each hash value may be either True symbolizing that this item should be managed or False, symbolizing that the group is safe to be deleted.

During the Chef run, the common_group_account LWRPs will update this Hash at the node precedence level, to ensure that the system keeps track of groups which had previously been managed during a Chef run and have since been deleted form the data_bag.

{
"managed": {
"group1": true,
"group2": false
}
}

common_auth.users

This namespace contains directives which will manage users on a system.

common_auth.users.config

A hash containing attribute level overrides for the data_bag_item contents. These can be useful when you wish to provide overrides from a Cookbook, PolicyFile, Role or Environment.

{
"config": {
"user1": {
"action": "delete"
}
}
}

common_auth.users.managed

A hash containing a list of users which should be managed on this machine. Each hash value may be either True symbolizing that this item should be managed or False, symbolizing that the group is safe to be deleted.

During the Chef run, the common_user_account LWRPs will update this Hash at the node precedence level, to ensure that the system keeps track of users which had previously been managed during a Chef run and have since been deleted form the data_bag.

{
"managed": {
"user1": true,
"user2": false
}
}

common_auth.sudoers

A Hash containing sudoers definitions which will drive the creation of sudo LWRP entries.

This is empty by default, except when the cookbook detects that it is being run inside of Vagrant, where the Vagrant user will be granted access.

common_auth.openssh.allow_groups

Hash of OpenSSH AllowGroup directives that will override the standard OpenSSH cookbook attributes.

{
"allow_groups": {
"group1": true,
"group2": false
}
}

This is empty by default, excpet when the cookbook detects that is is being run inside of Vagrant.

common_auth.openssh.match_groups

Hash of OpenSSH Match group statements which will override the standard OpenSSH cookbook attributes.

{
"match_groups": {
"group1": {
"allow_tcp_forwarding": "yes"
}
}
}

todo : Ideally i'd like to move this into the group LWRP at some point.

Resources

common_user_account

Resource which will be responsible for creating a user resource and optionally a common_user_keys resource. Additionally, the creation or deletion of these attributes will be stored in node attributes to ensure that users are deleted if ommitted from configuration.

common_user_keys

Resource which will manage a user's ssh public authorized_keys, ssh private rsa keys and will automatically create an ssh_wrapper script for each private key.

common_group_account

Resource which will be responsible for creating a group resource and optinially a sudoers resource.

Recipes

common_auth::auth

This recipe will generate user and group resources based on attributes.

Contingent cookbooks

common_auth

0.2.0

0.1.9

Resolve error in creating of private id keys and ssh wrappers where all keys created with username rather than keyname

0.1.8

Remove common_group_account warning when passed include_members

0.1.7

Resolve a problem in the custom resources where soem values ( ex.: group memberships ) would never be populated.

0.1.6

Enhancement

Resolve Chef13 warning with secure_data_bag

Bugfix

Resolve bug in ssh_wrapper scripts

0.1.5

Add whyrun support to common_user_account

Add whyrun support to common_user_keys

Add whyrun support to common_group_account

0.1.4

Let's pretend it's the inital commit

Collaborator Number Metric

0.2.0 failed this metric

Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Foodcritic Metric

0.2.0 failed this metric

FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/authorization-sudo.rb:2FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-groups.rb:4FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-groups.rb:8FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-groups.rb:13FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-openssh.rb:5FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-openssh.rb:9FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-openssh.rb:15FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-sudoers.rb:4FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-sudoers.rb:8FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-sudoers.rb:9FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-sudoers.rb:10FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-users.rb:4FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-users.rb:8FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-users.rb:13FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-users.rb:17FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-users.rb:18FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/openssh.rb:2FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/openssh.rb:23FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:9FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:13FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:14FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:18FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:22FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:23FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:28FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:37FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:73FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:82FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/openssh.rb:4FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/openssh.rb:5FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/openssh.rb:7FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/openssh.rb:8FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/sudo.rb:4FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_group_account.rb:38FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_group_account.rb:42FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_group_account.rb:65FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_group_account.rb:66FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_group_account.rb:68FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:27FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:33FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:63FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:85FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:86FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:88FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:97FC001: Use strings in preference to symbols to access node attributes: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:105FC002: Avoid string interpolation where not required: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:27FC003: Check whether you are running with chef server before using server-specific features: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:28FC003: Check whether you are running with chef server before using server-specific features: /tmp/6577e52486e63f01b3a2dd85/common_auth/recipes/auth.rb:73FC016: LWRP does not declare a default action: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_group_account.rb:1FC016: LWRP does not declare a default action: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_account.rb:1FC016: LWRP does not declare a default action: /tmp/6577e52486e63f01b3a2dd85/common_auth/resources/common_user_keys.rb:1FC046: Attribute assignment uses assign unless nil: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-openssh.rb:5FC046: Attribute assignment uses assign unless nil: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-openssh.rb:15FC046: Attribute assignment uses assign unless nil: /tmp/6577e52486e63f01b3a2dd85/common_auth/attributes/common_auth-sudoers.rb:4